chore: bump the npm-dependencies group across 1 directory with 14 updates

[dependabot]

Bumps the npm-dependencies group with 13 updates in the / directory:

Package	From	To
@changesets/cli	2.30.0	2.31.0
@coderrob/eslint-plugin-zero-tolerance	1.2.2	1.2.4
@emnapi/core	1.9.2	1.10.0
@emnapi/runtime	1.9.2	1.10.0
@typescript-eslint/parser	8.58.0	8.59.3
@vitest/coverage-v8	4.1.2	4.1.6
eslint	10.1.0	10.3.0
jscpd	4.0.8	4.1.0
prettier	3.8.1	3.8.3
publint	0.3.18	0.3.20
tinybench	6.0.0	6.0.1
typescript	5.9.3	6.0.3
typescript-eslint	8.58.0	8.59.3

Updates @changesets/cli from 2.30.0 to 2.31.0

Release notes

Sourced from @​changesets/cli's releases.

@​changesets/cli@​2.31.0

Minor Changes

• #1889 96ca062 Thanks @​mixelburg! - Error on unsupported flags for individual CLI commands and print the matching command usage to make mistakes easier to spot.

• #1873 42943b7 Thanks @​mixelburg! - Respond to --help on all subcommands. Previously, --help was only handled when it was the sole argument; passing it alongside a subcommand (e.g. changeset version --help) would silently execute the command instead. Now --help always exits early and prints per-command usage when a known subcommand is provided, or the general help text otherwise.

Patch Changes

• d2121dc Thanks @​Andarist! - Fix npm auth for path-based registries during publish by preserving configured registry URLs instead of normalizing them.

• #1888 036fdd4 Thanks @​mixelburg! - Fix several changeset version issues with workspace protocol dependencies. Valid explicit workspace: ranges and aliases are no longer rewritten unnecessarily, and workspace path references are handled correctly during versioning.

• #1903 5c4731f Thanks @​Andarist! - Gracefully handle stale npm info data leading to duplicate publish attempts.

• #1867 f61e716 Thanks @​Andarist! - Improved detection for published state of prerelease-only packages without latest dist-tag on GitHub Packages registry.

• Updated dependencies [036fdd4, 036fdd4, 036fdd4]:

  • @​changesets/assemble-release-plan@​6.0.10
  • @​changesets/get-dependents-graph@​2.1.4
  • @​changesets/apply-release-plan@​7.1.1
  • @​changesets/get-release-plan@​4.0.16
  • @​changesets/config@​3.1.4

Commits

• 9cce6db Version Packages (#1897)
• d2121dc Fix npm auth for path-based registries during publish by preserving configure...
• 036fdd4 Fix several changeset version issues with workspace protocol dependencies (...
• 5c4731f Gracefully handle stale npm info data leading to duplicate publish attempts...
• 96ca062 Error on unsupported flags for individual CLI commands (#1889)
• 42943b7 fix(cli): respond to --help on all subcommands (#1873)
• f61e716 Improved detection for published state of prerelease-only packages without ...
• See full diff in compare view

Updates @coderrob/eslint-plugin-zero-tolerance from 1.2.2 to 1.2.4

Release notes

Sourced from @​coderrob/eslint-plugin-zero-tolerance's releases.

v1.2.4

What's Changed

• feat: implement require-exported-object-type rule by @​Coderrob in Coderrob/eslint-config-zero-tolerance#37
• chore: update documentation and improve formatting for type safety rules by @​Coderrob in Coderrob/eslint-config-zero-tolerance#38
• bump: update plugin version to 1.2.3 by @​Coderrob in Coderrob/eslint-config-zero-tolerance#39
• More union litera shenanigans where inline union literals within interface definitions or types are blocked by @​Coderrob in Coderrob/eslint-config-zero-tolerance#40
• feat: add seven new rules for safer TypeScript patterns by @​Coderrob in Coderrob/eslint-config-zero-tolerance#41
• Expand rules by @​Coderrob in Coderrob/eslint-config-zero-tolerance#42
• chore: update version to 1.2.4 and finalize changelog by @​Coderrob in Coderrob/eslint-config-zero-tolerance#43

Full Changelog: Coderrob/eslint-config-zero-tolerance@v1.2.2...v1.2.4

Changelog

Sourced from @​coderrob/eslint-plugin-zero-tolerance's changelog.

[1.2.4] - 2026-04-28

Added

• Rule naming validation: Added a validate:rules script that verifies each plugin rule keeps a consistent canonical name across its filename, exported camelCase constant, createRule name, default export, sibling test/BDD/docs files, and plugin registration.
• README synchronization: Added readme:sync and validate:readme scripts that regenerate and verify the root README.md from deterministic rule catalog metadata, canonical rule source metadata, preset metadata, and docs page existence checks.
• require-barrel-relative-exports rule: Added a new built-in rule that requires barrel-file re-export declarations to target only current-directory descendant paths beginning with ./, closing the gap where barrels could stay syntactically clean while still re-exporting from parent, aliased, or package-rooted paths.
• no-indexed-access-types rule: Added a new rule that disallows TypeScript indexed access types such as T['key'], T[K], and T[number], so callers must depend on explicit named contracts instead of structural reach-through.
• no-explicit-any rule: Added a new rule that disallows explicit any annotations and casts so unsafe type erasure has to be replaced with concrete modeling, unknown, or explicit narrowing.
• no-map-set-mutation rule: Added a new rule that disallows direct Map and Set mutation methods such as .set(), .add(), .delete(), and .clear() to keep collection updates explicit and immutable.
• no-math-random rule: Added a new rule that disallows Math.random() and pushes callers toward injected random sources or deterministic generators.
• no-process-env-outside-config rule: Added a new rule that disallows reading process.env outside recognized configuration modules so environment access stays centralized and testable.
• no-return-type rule: Added a new rule that disallows TypeScript ReturnType utility usage so result contracts stay explicit and do not silently track implementation changes.
• require-exhaustive-switch rule: Added a new rule that requires exhaustive switch statements over finite discriminant types and reports missing cases when execution can fall through without handling every member.
• prefer-structured-clone rule: Added a new fixable rule that prefers structuredClone(...) over JSON.parse(JSON.stringify(...)) for deep cloning, while intentionally ignoring JSON.parse revivers and JSON.stringify replacer/spacing variants.
• prefer-object-spread rule: Added a new fixable rule that enforces object spread syntax ({ ...foo }) instead of Object.assign({}, foo). When the first argument is an empty object literal, the autofix converts to spread syntax, correctly inlining object literal arguments and spreading variable/expression arguments.
• require-node-protocol rule: Added a new fixable rule that requires Node.js built-in module imports to use the node: protocol prefix (e.g., node:fs instead of fs).
• no-test-interface-declaration rule: Added a new rule that disallows interface declarations in test files, flagging cases where production types should be exported and imported instead of redeclared locally.
• require-union-type-alias rule: Added a new rule that requires inline union types with two or more type reference members to be extracted into named type aliases, similar to SonarQube S4323.
• no-literal-property-unions rule: Added a new built-in rule that reports interface, type literal, class, and abstract class properties whose value options are declared as literal unions, including string, number, bigint, boolean-mixed, and template-literal members, instead of named domain types.
• Test boundary rules: Added no-set-timeout-in-tests and no-set-interval-in-tests as built-in preset rules, plus opt-in no-fetch-in-tests and no-restricted-imports-in-tests rules for teams that want stricter test isolation from HTTP, filesystem, subprocess, and network dependencies.

Fixed

• Plugin publishing: Minified the plugin JavaScript build output so publish:public and package prepack publish minified artifacts.
• require-barrel-relative-exports rule: Rejected ./ re-export paths containing .. segments so barrel exports cannot escape the current directory while appearing to use descendant-relative syntax.
• README coverage badge: Restored the missing closing quote on the coverage badge src attribute and tightened the badge updater so future coverage refreshes preserve valid HTML.
• prefer-object-spread rule: Avoided unsafe autofixes for Object.assign calls with spread arguments and skipped no-op empty object literal sources when generating object spread fixes.
• Preset registration: Added require-node-protocol and no-test-interface-declaration to the default preset rule map so they are included in the recommended and strict config presets.
• Configuration docs: Synced the preset table in docs/configuration.md with all 60 rules (was missing require-exported-object-type, require-union-type-alias, no-test-interface-declaration, and require-node-protocol).

Changed

• no-banned-types decomposition: Replaced the combined no-banned-types rule with two discrete rules, no-indexed-access-types and no-return-type, so teams can configure indexed-access bans independently from ReturnType bans.
• Documentation overhaul: Polished all documentation as a customer-facing experience - root README hero section with badges and philosophy, plugin README feature summary, MkDocs home page category table, Getting Started admonitions, rules index summary table, and standardised all 60 rule doc pages with emoji headers and Configuration sections.
• mkdocs.yml enhancements: Added project logo and favicon, instant navigation, URL tracking, permalink anchors via toc extension, content tooltips, copyright footer, and GitHub/npm social links.
• no-literal-property-unions rule: Exempted bigint literal unions from being flagged because TypeScript enums cannot represent bigint values, making the "use enums" guidance unactionable for bigint domains.
• no-literal-property-unions rule: Clarified the diagnostic and documentation to recommend named domain types generally, while keeping enums as the preferred option for string and number domains that TypeScript enums can represent.
• no-literal-unions rule: Exempted literal unions inside built-in TypeScript utility type arguments such as Omit, Pick, Record, Exclude, and Extract, while keeping custom generic type arguments reportable.
• no-literal-unions rule: Direct property literal unions are now handled by no-literal-property-unions, avoiding duplicate reports from the default presets while preserving general literal-union enforcement for aliases and other non-property type annotations.

[1.2.3] - 2026-04-03

Added

• require-exported-object-type rule: Added a new built-in rule that requires exported object constants, including Object.freeze({ ... }) patterns and indirect export { Foo } exports, to declare an explicit type annotation instead of leaking inferred structural types.

Changed

• no-literal-unions rule: Extended literal-union detection to report typeof union members that resolve to same-file literal const declarations and to autofix string-valued const-reference unions into enums when the conversion is safe.

... (truncated)

Commits

• f15b62d chore: update version to 1.2.4 and finalize changelog (#43)
• 9cf9ca7 Expand rules (#42)
• 033d870 feat: add seven new rules for safer TypeScript patterns (#41)
• 90775cc More union litera shenanigans where inline union literals within interface de...
• 388d966 bump: update plugin version to 1.2.3 (#39)
• 7b00465 chore: update documentation and improve formatting for type safety rules (#38)
• 7268807 feat: implement require-exported-object-type rule (#37)
• See full diff in compare view

Updates @emnapi/core from 1.9.2 to 1.10.0

Release notes

Sourced from @​emnapi/core's releases.

v1.10.0

What's Changed

• fix: early update wasm memory for views (https://github.com/hardfist/emnapi-shared-memory-grow-repro)
• fix!: napi_adjust_external_memory no longer grow wasm memory
• fix: add missing from64 wrap
• fix: coalesce tsfn (js version) send message
• ci: restructure CI workflows
• ci: prebuilt liraries using llvm 22

Thanks @​hardfist

Full Changelog: toyobayashi/emnapi@v1.9.2...v1.10.0

Commits

• ba84999 1.10.0
• 71b77fb fix: free queue node and set async_pending flag before finalize
• b0cc8cc fix: tsfn use after free
• e2ba931 ci: llvm 22
• b02054a fix: coalesce tsfn send message (#210)
• 71cd534 test: fix async_progress_worker test (#209)
• c81c1fb ci: restructure CI workflows (#208)
• 19b27bb fix: add missing from64 wrap
• 4113230 fix!: napi_adjust_external_memory no longer grow wasm memory (#207)
• 61c497e fix: early update wasm memory for views (#206)
• See full diff in compare view

Updates @emnapi/runtime from 1.9.2 to 1.10.0

Release notes

Sourced from @​emnapi/runtime's releases.

v1.10.0

What's Changed

• fix: early update wasm memory for views (https://github.com/hardfist/emnapi-shared-memory-grow-repro)
• fix!: napi_adjust_external_memory no longer grow wasm memory
• fix: add missing from64 wrap
• fix: coalesce tsfn (js version) send message
• ci: restructure CI workflows
• ci: prebuilt liraries using llvm 22

Thanks @​hardfist

Full Changelog: toyobayashi/emnapi@v1.9.2...v1.10.0

Commits

• ba84999 1.10.0
• 71b77fb fix: free queue node and set async_pending flag before finalize
• b0cc8cc fix: tsfn use after free
• e2ba931 ci: llvm 22
• b02054a fix: coalesce tsfn send message (#210)
• 71cd534 test: fix async_progress_worker test (#209)
• c81c1fb ci: restructure CI workflows (#208)
• 19b27bb fix: add missing from64 wrap
• 4113230 fix!: napi_adjust_external_memory no longer grow wasm memory (#207)
• 61c497e fix: early update wasm memory for views (#206)
• See full diff in compare view

Updates @typescript-eslint/parser from 8.58.0 to 8.59.3

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.59.3

8.59.3 (2026-05-11)

This was a version bump only, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.59.2

8.59.2 (2026-05-04)

🩹 Fixes

• eslint-plugin: [no-unsafe-type-assertion] handle crash on recursive template literal types (#12150)
• eslint-plugin: [no-deprecated] object destructuring values should be treated as declarations (#12292)
• rule-tester: add TypeScript as a peer dependency (#12288)

❤️ Thank You

• Dariusz Czajkowski
• Dima Barabash
• Kirk Waiblinger @​kirkwaiblinger

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.59.1

8.59.1 (2026-04-27)

🩹 Fixes

• eslint-plugin: [no-unnecessary-type-assertion] fix crash "TypeError: checker.getTypeArguments is not a function" (#12246)
• eslint-plugin: [no-unnecessary-type-assertion] preserve index signatures in undefined unions (#12257)
• eslint-plugin: [no-unnecessary-type-assertion] preserve phantom type arguments in generic inference (#12269)
• eslint-plugin: [no-unnecessary-type-assertion] avoid false positive in logical assignment assertions (#12278)
• eslint-plugin: [no-unnecessary-type-arguments] handle instantiation expressions (#12220)
• eslint-plugin: [no-unnecessary-condition] treat void as nullish in no-unnecessary-condition (#12241)

❤️ Thank You

• anasm266 @​anasm266
• Anshika Jain @​Anshikakalpana
• Ulrich Stark
• yugo innami @​nami8824

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.59.3 (2026-05-11)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.2 (2026-05-04)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.1 (2026-04-27)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.0 (2026-04-20)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.58.2 (2026-04-13)

🩹 Fixes

• remove tsbuildinfo cache file from published packages (#12187)

❤️ Thank You

• Abhijeet Singh @​cseas

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.58.1 (2026-04-08)

This was a version bump only for parser to align it with other projects, there were no code changes.

... (truncated)

Commits

• 48e13c0 chore(release): publish 8.59.3
• 44f9625 chore(deps): update vitest monorepo to v4.1.5 (#12307)
• 2ec35f1 chore(release): publish 8.59.2
• 5245793 chore(release): publish 8.59.1
• ea9ae4f chore(release): publish 8.59.0
• 90c2803 chore(release): publish 8.58.2
• be6b49a fix: remove tsbuildinfo cache file from published packages (#12187)
• 5311ed3 chore(release): publish 8.58.1
• See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.2 to 4.1.6

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.6

   🐞 Bug Fixes

• browser: Provide project reference in ToMatchScreenshotResolvePath  -  by @​macarie and @​sheremet-va in vitest-dev/vitest#10138 (31882)
• Global sequence.concurrent: true with top-level test(..., { concurrent: false }) + depreacte sequential test API and options  -  by @​hi-ogawa, Codex and @​sheremet-va in vitest-dev/vitest#10196 (2847d)
• browser: Simplify orchestrator otel carrier  -  by @​hi-ogawa in vitest-dev/vitest#10285 (18af9)

   🏎 Performance

• Stringify diff objects only once  -  by @​sheremet-va in vitest-dev/vitest#10276 (9f7b1)

    View changes on GitHub

v4.1.5

   🚀 Experimental Features

• coverage: Istanbul to support instrumenter option  -  by @​BartWaardenburg and @​AriPerkkio in vitest-dev/vitest#10119 (0e0ff)

   🐞 Bug Fixes

• --project negation excludes browser instances  -  by @​felamaslen in vitest-dev/vitest#10131 (9423d)
• Project color label on html reporter  -  by @​hi-ogawa in vitest-dev/vitest#10142 (596f7)
• Fix vi.defineHelper called as object method  -  by @​hi-ogawa in vitest-dev/vitest#10163 (122c2)
• Alias agent reporter to minimal  -  by @​sheremet-va in vitest-dev/vitest#10157 (663b9)
• Respect diff config options in soft assertions  -  by @​Copilot, sheremet-va and @​sheremet-va in vitest-dev/vitest#8696 (9787d)
• Respect diff config options in soft assertions "  -  by @​sheremet-va in vitest-dev/vitest#8696 (7dc6d)
• ast-collect: Recognize _vi_import prefix in static test discovery  -  by @​Yejneshwar in vitest-dev/vitest#10129 (32546)
• coverage: Descriptive error message when reports directory is removed during test run  -  by @​DaveT1991 and @​AriPerkkio in vitest-dev/vitest#10117 (14133)
• snapshot: Increase default snapshot max output length  -  by @​hi-ogawa and Codex in vitest-dev/vitest#10150 (21e66)
• ui: Fix jsx/tsx syntax highlight  -  by @​hi-ogawa in vitest-dev/vitest#10152 (f1b1f)
• web-worker: Support MessagePort objects referenced inside postMessage data  -  by @​whitphx and Claude Opus 4.6 (1M context) in vitest-dev/vitest#9927 and vitest-dev/vitest#10124 (7ad7d)
• api: Make test-specification options writable  -  by @​sheremet-va in vitest-dev/vitest#10154 (6abd5)

    View changes on GitHub

v4.1.4

   🚀 Experimental Features

• coverage:
  • Default to text reporter skipFull if agent detected  -  by @​hi-ogawa in vitest-dev/vitest#10018 (53757)
• experimental:
  • Expose assertion as a public field  -  by @​sheremet-va in vitest-dev/vitest#10095 (a120e)
  • Support aria snapshot  -  by @​hi-ogawa, Claude Opus 4.6 (1M context), @​AriPerkkio, Codex and @​sheremet-va in vitest-dev/vitest#9668 (d4fbb)
• reporter:
  • Add filterMeta option to json reporter  -  by @​nami8824 and @​sheremet-va in vitest-dev/vitest#10078 (b77de)

   🐞 Bug Fixes

• Use "black" foreground for labeled terminal message to ensure contrast  -  by @​hi-ogawa in vitest-dev/vitest#10076 (203f0)
• Make expect(..., message) consistent as error message prefix  -  by @​hi-ogawa and Codex in vitest-dev/vitest#10068 (a1b5f)

... (truncated)

Commits

• a8fd24c chore: release v4.1.6
• e399846 chore: release v4.1.5
• ac04bac chore: release v4.1.4
• 2dc0d62 chore: release v4.1.3
• See full diff in compare view

Updates eslint from 10.1.0 to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

• 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

• b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

• 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
• 7f47937 docs: Update README (GitHub Actions Bot)

Chores

• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])
• 2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])
• 77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)
• 4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)
• 54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)
• f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)
• a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])
• 7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)
• b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])
• 2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)

v10.2.1

Bug Fixes

• 14be92b fix: model generator yield resumption paths in code path analysis (#20665) (sethamus)
• 84a19d2 fix: no-async-promise-executor false positives for shadowed Promise (#20740) (xbinaryx)
• af764af fix: clarify language and processor validation errors (#20729) (Pixel998)
• e251b89 fix: update eslint (#20715) (renovate[bot])

Documentation

• ca92ca0 docs: reuse markdown-it instance for markdown filter (#20768) (Amaresh S M)
• 57d2ee2 docs: Enable Eleventy incremental mode for watch (#20767) (Amaresh S M)
• c1621b9 docs: fix typos in code-path-analyzer.js (#20700) (Ayush Shukla)
• 1418d52 docs: Update README (GitHub Actions Bot)
• 39771e6 docs: Update README (GitHub Actions Bot)
• 71e0469 docs: fix incomplete JSDoc param description in no-shadow rule (#20728) (kuldeep kumar)
• 22119ce docs: clarify scope of for-direction rule with dead code examples (#20723) (Amaresh S M)
• 8f3fb77 docs: document meta.docs.dialects (#20718) (Pixel998)

Chores

• 7ddfea9 chore: update dependency prettier to v3.8.2 (#20770) (renovate[bot])
• fac40e1 ci: bump pnpm/action-setup from 5.0.0 to 6.0.0 (#20763) (dependabot[bot])
• 7246f92 test: add tests for SuppressionsService.load() error handling (#20734) (kuldeep kumar)
• 4f34b1e chore: update pnpm/action-setup action to v5 (#20762) (renovate[bot])

... (truncated)

Commits

• 7889204 10.3.0
• 5b69b4f Build: changelog update for 10.3.0
• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
• b6ae5cf fix: handle unavailable require cache (#20812)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
• 379571a feat: add suggestions for no-unused-private-class-members (#20773)
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
• Additional commits viewable in compare view

Updates jscpd from 4.0.8 to 4.1.0

Changelog

Sourced from jscpd's changelog.

4.1.0 — 2026-05-09

New Features

• AI Reporter — new ai reporter that produces compact, token-efficient clone output specifically designed for feeding results into language models and AI tooling. Use --reporters ai to activate it.
• MCP Server enhancements — the Model Context Protocol server now exposes a jscpd://statistics resource and supports a recheck endpoint so AI agents can trigger a rescan without restarting the process.
• Apex & CFML language support — jscpd can now detect duplicate code in Salesforce Apex and ColdFusion Markup Language (CFML) files (closes #83, #619).
• GDScript support — detect copy-paste duplication in Godot Engine GDScript files.
• HTML reporter footer — the HTML report now displays a branded footer with the jscpd version and a sponsor link.
• --noTips flag — suppress the usage-tip messages that appear after a detection run.
• CI: Node.js 22.x / 24.x — continuous integration updated to test against the latest Node.js LTS and current releases.

Performance

• Tokenizer — grammars are now loaded lazily, hot paths are O(n), and the spark-md5 dependency has been removed in favour of a lighter built-in implementation. Startup time and memory usage are noticeably reduced on large codebases.
• Replaced the vendored reprism syntax library with the official prismjs npm package, shrinking the installed footprint.

Bug Fixes

• Restored the correct start.line expectation for weak-mode clone detection.

---

4.0.7 — 2026-01-11

New Features

• jscpd-server — a new jscpd-server package ships a RESTful HTTP API for code-duplication detection. Ideal for CI pipelines, IDE plugins, and services that need on-demand analysis without spinning up a CLI process.
• GitHub Actions example — an example_github_action.yml starter workflow is included in the repository.

Bug Fixes

• Ignore patterns defined in configuration files are now applied correctly (the path-matching bug in resolveIgnorePattern has been fixed).
• Importing jscpd as a Node.js module no longer auto-executes the CLI entry point.
• Fixed an invalid documentation link.

---

4.0.6 — 2026-01-11

Bug Fixes

• Dependency and lock-file updates to address security advisories.

---

4.0.5 — 2024-07-03

New Features

... (truncated)

Commits

• See full diff in compare view

Updates prettier from 3.8.1 to 3.8.3

Release notes

Sourced from prettier's releases.

3.8.3

• SCSS: Prevent trailing comma in if() function (prettier/prettier#18471 by @​kovsu)

🔗 Changelog

3.8.2

• Support Angular v21.2

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.3

diff

SCSS: Prevent trailing comma in if() function (